- From: Humphrey, Jack <JHumphrey@coremetrics.com>
- Date: Wed, 7 May 2003 17:01:17 -0500
- To: "'public-p3p-spec@w3.org'" <public-p3p-spec@w3.org>
Sorry for the delay in getting these out. Thanks to Brooks for taking minutes. --- April 25, 2003 Minutes Agent/Domain Relationship Task force Start 9:05 EST Attendees: Jack Humphrey, Coremetrics (Chair) Brooks Dobbs, DoubleClick Marcel Meth, Fleet Boston Financial Dan Schutzer, Citi Group Brandy Moore, AOL Matthias Schunter, IBM Agenda is set: - Stated Purpose coming out of Nov. workshop - Other ideas - What are milestones / tasks (want to be complete by June) 2 Core issues from Brian Zwit's write up following the November meetings 1) allow a mechanism for a site to declare another site as 1st party 2) review compact policies, their efficiencies and the need for them in general (as there is another task force here, we may need to punt this one) Other potential ideas proposed by Jack 1) being able to declare that a single policy applies to multiple sites and services 2) to allow in a privacy policy the ability to denote that a site A is an agent of site B and that they do not have a "true" 3rd party relationship 3) ability to defer purpose to another entity 4) recommendations and requirements Brooks: brings up that point 3) above almost invalidates P3P. - general consensus that more work needs to be done in understanding and describing entity and OURS Jack: raises the liability issues that if a client does something with data not declared. Jack: brings up that the "OURS" recipient is ambiguous Jack: brings up that it may be valuable to tell a UA that asset is really a 1st party Jack: suggests the possibility of changing the PRF mechanism to potentially cover multiple hosts within a domain Brooks: raises the issue that CPs already create a problem by potentially applying a policy across entities Jack: state that pre-fetching (e.g. evaluating policy at cookie-send time) and user agent behavior plays large into resolving a number of these issues. (There seems to be general consensus that a good deal of work that may come out of this group is directly tied to work coming out of the UA group) Matthias: suggests that some of these issues would be easier to follow through written material and suggest more be distributed. Matthias: wants to know how a second site could be considered within the SAME ours as another site. Brooks: suggests the possibility of a second form of the ENTITY element or an attribute within ENTITY that points to an "entity registry" Marcel: brings up that he would like to see W3C declare expected behavior for UAs. Feels that his is key to adoption. There needs to be clarity on how a policy will be represented to an end user. Brooks: suggests broader participation within UA task force. Action Items: Jack is going to write up something on enhanced entity declarations and the ability to refer to other entities, go over it with Brooks, then send it out. Brandy - wants this be sure to also handle CP. Mathias - brings up how Policies can be translated to Layered notice - mentioned that it should be brought up in user agent. Again referred to UA task force.
Received on Wednesday, 7 May 2003 18:37:27 UTC